Wednesday, June 3, 2015

Generally, when you try to open a web directory in your browser, the browser will either return you an “index” page – an HTML page (or PHP or ASP etc.) that’s in the root of the directory, or if the index file is absent, it will deny access to the directory. But if the index file is missing and the webmaster forgot to password protect the folder, the server will return a listing of the files that are within the directory. An unprotected web directory is like a publicly accessible open computer. You can navigate within the folders, view files or even download them. Many webmasters routinely forget to configure their webservers to deny directory access, thereby exposing their content on the internet for anybody to see.

Google Drive too allows creation of public folders. The idea is to let people share content with others without having to send invitation or requiring them to login to their respective Google accounts. If you use Google Drive, you must already know this. What you might not have been aware is that these public folders are searchable on the web.That’s right. All those open content have been crawled by Google’s spiders and neatly indexed in a file somewhere on their servers.

To find a public Google Drive folder, copy and paste the following query into the Google’s search field:

site:https://drive.google.com/folderview?id=

You can combine the “site” parameter with other queries. For instance,

mp3 site:https://drive.google.com/folderview?id=

will show you all public Google Drive folders with MP3 files. Replace “MP3” with “MP4” or “AVI” and you’ll find folders containing videos. You can also search for “books” or “PDF” or “DOC”.

How to prevent exposing your public Google Drive folder?

Simple. Don’t keep a public folder. If you had created a public folder in the past and if its purpose has been served, lock down the folder or delete it. If you can’t delete a public Google Drive folder, go through its content to check whether you placed something there accidentally.

You can also change how others access your public folders. To do that, follow these steps.

1. Open your Google Drive account and look for the “user icon” in the folders. That icon indicates public folder.

2. Select the folder, and click on the link icon in the toolbar.

3. Click on Sharing settings

4. Click on Advanced

5. Here you can see who has access to the folder. Click on Change.

6. Set it to “Off – Specific people”. Then Save it.

7. Now your folder can be viewed by only those people who you share it with.